This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Content was blocked - not signed by valid security certificate

Hi:

Using 9.206-35. I have web protection enabled in transparent mode.

If I have HTTPS (SSL) traffic: "URL filtering only" enabled,
on many web sites (mail.google.com, facebook, etc. ), will get a popup saying "Content was blocked because it was not signed by a valid security certificate".

If I set the HTTPS (SSL) traffic to "Do Not Scan", the error goes away.

From the documentation, It says "URL Filtering Only: This option performs URL category and reputation checks, but does not scan the contents of HTTPS traffic." It would seem, with that selected, the URL would be checked against the blocked categories, etc.

With a lot of sites going to https, I would like to check these against the blocked list, but not necessarily scan the content (but can see the day when this will need to happen).

Ideas?

Thanks,

John S.

This thread was automatically locked due to age.

Parents

0 Michael Dunn over 10 years ago

Any time that the UTM needs to display a block page for an HTTPS connection it will turn that specific connection into a "Decrypt and Scan" so that it can insert content.

If you are doing something like blocking Advertisements that come in on HTTPS... Then I can imagine getting this behavior.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 Michael Dunn over 10 years ago

Any time that the UTM needs to display a block page for an HTTPS connection it will turn that specific connection into a "Decrypt and Scan" so that it can insert content.

If you are doing something like blocking Advertisements that come in on HTTPS... Then I can imagine getting this behavior.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data